Ubuntu
libvirt package

  1. Bug #891472
  2. Activity log

Activity log for bug #891472

Date Who What changed Old value New value Message
2011-11-17 03:30:00 Someone bug added bug
2011-11-17 12:40:36 Jamie Strandboge libvirt (Ubuntu): status New Triaged
2011-11-17 14:37:37 Serge Hallyn libvirt (Ubuntu): importance Undecided Low
2011-12-02 19:00:18 Launchpad Janitor libvirt (Ubuntu): status Triaged Fix Released
2011-12-05 19:11:12 Serge Hallyn description The hooks documented in http://www.libvirt.org/hooks.html cannot be executed, there are no mention of them in apparmor profile. For example, "daemon" hook produces this message in the log: Nov 17 06:54:06 nexus kernel: [ 8914.624912] type=1400 audit(1321498446.082:65): apparmor="DENIED" operation="exec" parent=4756 profile="/usr/sbin/libvirtd" name="/etc/libvirt/hooks/daemon" pid=4757 comm="libvirtd" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 Description: Ubuntu 11.10 Release: 11.10 libvirt-bin: Installed: 0.9.2-4ubuntu15.1 Candidate: 0.9.2-4ubuntu15.1 Version table: *** 0.9.2-4ubuntu15.1 0 500 http://xx.archive.ubuntu.com/ubuntu/ oneiric-updates/main amd64 Packages 100 /var/lib/dpkg/status 0.9.2-4ubuntu15 0 500 http://xx.archive.ubuntu.com/ubuntu/ oneiric/main amd64 Packages ============================================================== SRU Justification: 1. Impact: libvirt hooks cannot be used 2. Development fix: add apparmor rule to allow use of libvirt hooks 3. Stable fix: same as development fix 4. Test case: a. install libvirt b. create /etc/libvirt/hooks/daemon containing: #!/bin/sh << EOF date >> /tmp/libvirt-hook-debug EOF c. stop libvirt-bin; start libvirt-bin d. check whether /tmp/libvirt-hook-debug exists 5. Regression potential: if the profile has a syntax error, it could cause problems loading the profile, or lead to too much or insufficient privilege for libvirt to run. ============================================================== The hooks documented in http://www.libvirt.org/hooks.html cannot be executed, there are no mention of them in apparmor profile. For example, "daemon" hook produces this message in the log: Nov 17 06:54:06 nexus kernel: [ 8914.624912] type=1400 audit(1321498446.082:65): apparmor="DENIED" operation="exec" parent=4756 profile="/usr/sbin/libvirtd" name="/etc/libvirt/hooks/daemon" pid=4757 comm="libvirtd" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 Description: Ubuntu 11.10 Release: 11.10 libvirt-bin:   Installed: 0.9.2-4ubuntu15.1   Candidate: 0.9.2-4ubuntu15.1   Version table:  *** 0.9.2-4ubuntu15.1 0         500 http://xx.archive.ubuntu.com/ubuntu/ oneiric-updates/main amd64 Packages         100 /var/lib/dpkg/status      0.9.2-4ubuntu15 0         500 http://xx.archive.ubuntu.com/ubuntu/ oneiric/main amd64 Packages
2011-12-05 19:58:10 Simon Déziel bug added subscriber Simon Déziel
2011-12-05 20:28:17 Serge Hallyn nominated for series Ubuntu Maverick
2011-12-05 20:28:17 Serge Hallyn bug task added libvirt (Ubuntu Maverick)
2011-12-05 20:28:17 Serge Hallyn nominated for series Ubuntu Natty
2011-12-05 20:28:17 Serge Hallyn bug task added libvirt (Ubuntu Natty)
2011-12-05 20:28:17 Serge Hallyn nominated for series Ubuntu Oneiric
2011-12-05 20:28:17 Serge Hallyn bug task added libvirt (Ubuntu Oneiric)
2011-12-06 19:46:05 Serge Hallyn libvirt (Ubuntu Maverick): status New Won't Fix
2011-12-06 19:46:09 Serge Hallyn libvirt (Ubuntu Natty): status New Won't Fix
2012-01-11 12:04:29 Launchpad Janitor branch linked lp:ubuntu/libvirt
2014-12-03 09:37:17 Rolf Leggewie libvirt (Ubuntu Oneiric): status New Won't Fix